15:01:53 <portdirect> #startmeeting openstack-helm
15:01:54 <openstack> Meeting started Tue Jan 29 15:01:53 2019 UTC and is due to finish in 60 minutes.  The chair is portdirect. Information about MeetBot at http://wiki.debian.org/MeetBot.
15:01:54 <mattmceuen> o/
15:01:55 <openstack> Useful Commands: #action #agreed #help #info #idea #link #topic #startvote.
15:01:58 <openstack> The meeting name has been set to 'openstack_helm'
15:02:25 <portdirect> Agenda is here: https://etherpad.openstack.org/p/openstack-helm-meeting-2019-01-29
15:03:01 <portdirect> i'll give it until 5 past for the stragglers (ie even later than me ;) ) and any other burning topics to be added
15:03:11 <howell> o/
15:03:47 <evrardjp> there is one topic I wanted to talk about but it's already on the agenda (image pushing), thanks portdirect!
15:04:07 <portdirect> evrardjp: :D
15:05:19 <portdirect> ok - lets go:
15:05:23 <portdirect> #topic Docs repo
15:05:48 <portdirect> last week we had a discussion about the work in getting the docs repo up and running
15:06:14 <portdirect> i hope it was helpful, it definitely helped me, so thanks jayahn and evrardjp :)
15:06:36 <portdirect> though we've not managed to get pen to paper (pen to git?) on this
15:07:05 <portdirect> im wondering if anyone would like to volunteer to get a ps up with an draft outline/toc?
15:07:46 <portdirect> i could make some time to do it this week, though as you all probably know by now, my grasp on the english language is tenuous at best
15:08:21 <evrardjp> haha
15:08:42 <evrardjp> ok I didn't really follow what's going on there in the docs repo, I am sorry
15:08:55 <evrardjp> it's been a hectic two weeks for me.
15:08:56 <portdirect> evrardjp: how do you do a vote on here? I'll try and make is simple ;)
15:09:19 <evrardjp> oh you mean with the bot?
15:09:23 <portdirect> yeah
15:09:25 <evrardjp> startvote
15:10:16 <evrardjp> you should probably explain the options first, then proceed to vote?
15:10:30 <portdirect> #startvote should portdirect attempt to write a toc for the docs repo, and accept his fate to be in review purgatory (+1, 0, -1)
15:10:31 <openstack> Unable to parse vote topic and options.
15:10:56 <portdirect> well that failed - but you get the point ;)
15:11:54 <mattmceuen> +1 WFM
15:12:13 <mattmceuen> farbeit for me to ask someone not to do work!
15:12:35 <roman_g> +1
15:13:26 <portdirect> ok - with that resounding backing I'll have a stab at it - dont say i didnt warn you guys ;)
15:13:35 <mattmceuen> lol
15:13:43 <portdirect> lets move on
15:13:46 <portdirect> #topic NoQA charts
15:14:27 <evrardjp> +1
15:14:33 <portdirect> so our gate coverage has reduced a bit in openstack-helm-infra - where we previously had 100% coverage
15:14:55 <portdirect> by no means was this coverage good, but we did at least attempt to deploy every chart in the repo
15:15:15 <portdirect> and this has decreased a bit in the last few weeks with some of our new additions
15:15:58 <portdirect> as this repo holds (what ee subjectively decree) critical infra for running a cloud using osh
15:16:04 <portdirect> its not the best look
15:16:47 <srwilkers> ++
15:16:49 <portdirect> can we try and clean that up this week, and next week we can review - possibly moving things to osh-addons?
15:17:11 <evrardjp> that lgtm
15:17:48 <mattmceuen> for my chart:  as discussed last week, planning to add.  Doing it this week is a good plan, will try.  :).
15:18:23 <portdirect> mattmceuen: thanks dude, though i dont think you are the only one ;)
15:18:43 <portdirect> ok to move on?
15:19:14 <portdirect> #topic Image Pushing
15:19:40 <portdirect> evrardjp: i saw some comments in irc - and noticed that image pushes do not seem to be happening atm
15:19:52 <evrardjp> yes
15:19:58 <portdirect> you ok to describe the current state of the art here?
15:20:05 <evrardjp> well two things
15:20:18 <evrardjp> 1) the current code 2) the state of the art
15:20:47 <evrardjp> So, for the current code (1), we are relying on a post pipeline to automatically push things
15:21:19 <evrardjp> sadly there seem to be a bug in push pipeline when a file trigger is used, which basically skips the current job of pushing the images
15:21:45 <evrardjp> I will explain the fixes after talking about the state of the art
15:21:50 <evrardjp> so...
15:22:02 <evrardjp> for the state of the art, nowadays there is a new kid in the block. Very new.
15:22:36 <evrardjp> This is a new pipeline, named "promote".
15:23:04 <evrardjp> By default, all the commits into osh-images would push a new image with a change id number
15:24:02 <evrardjp> then the promote pipeline doesn't have to run an image building once again (compared to the post which basically forces yet another build of an image). Instead it retags an image with what we want, and remove the old reference with a change id
15:25:11 <portdirect> oh - thats pretty nice
15:25:13 <evrardjp> the advantages of that pipeline is multiple: Faster (because no need to rebuild in post), scheduled faster (don't need to allocate nodes,as promote happens on the same node
15:25:32 <evrardjp> and the last advantage: it's already built by other people.
15:25:39 <portdirect> so the *same* image that was tested is the one that gets pushed
15:25:57 <portdirect> which was always a bit of a gap before with the post pattern.
15:25:59 <evrardjp> well that was always the case, because you were rebuilding
15:26:07 <evrardjp> in post
15:26:24 <evrardjp> the gap would be time between your code change and post
15:27:00 <evrardjp> but the code tested would be the same. but that's details, let's skip that for now
15:27:09 <evrardjp> problem of that:
15:27:23 <evrardjp> we need to be refactoring jobs, and our code, which I just did.
15:27:48 <evrardjp> I am not so sure we'll be able to be as granular as what we were.
15:28:00 <evrardjp> Anyway, I did a few patches to make that work for OSH
15:28:06 <evrardjp> so we could leverage it.
15:28:12 <evrardjp> question now is the following:
15:28:43 <evrardjp> should we fix the current code, and adapt post to be less surgical, OR adapt to latest state of the art
15:29:17 <evrardjp> I would tend to go to latter, but I need time. I am currently fighting fires, so I will probably require more time before doing htat.
15:29:25 <evrardjp> opinions?
15:29:47 <srwilkers> i'd prefer to use promote if possible
15:30:01 <evrardjp> ok
15:30:42 <portdirect> how much work is required for each option?
15:30:47 <evrardjp> if anyone wants to help there, I can point to what needs doing. Else wait that fights are extinguished
15:30:58 <evrardjp> first option is probably fastest.
15:31:13 <portdirect> days? weeks?
15:31:18 <evrardjp> but it means carrying our own code, and slower.
15:31:35 <portdirect> the reason for asking is that I'd like to help people getting running on healthchecks for non rest based services
15:31:37 <evrardjp> former is I'd say days, depending on how fast I get core reviews and iterations
15:31:46 <portdirect> and that requires building images with iptables in
15:32:04 <evrardjp> you can still build currently and manually upload
15:32:11 <portdirect> thats true
15:32:15 <evrardjp> it's just it's not automatically done
15:32:28 <portdirect> if no objection there i'll do that in the short term
15:32:41 <evrardjp> I think that's what was done in the past, and nobody complained
15:32:45 <portdirect> but like srwilkers lets move forward
15:32:49 <evrardjp> ok
15:33:10 <evrardjp> I have prioritized this work, but it's not highest prio. Will keep ppl informed in the chan
15:33:31 <evrardjp> That's all I have.
15:35:28 <portdirect> nice - thanks for all your work on this evrardjp
15:35:33 <mattmceuen> +1!
15:35:35 <portdirect> it really helps move the project forward
15:36:07 <portdirect> #topic Internal TLS
15:36:19 <portdirect> so im finally getting this moving again
15:36:34 <portdirect> ironicly it was how i 1st got interested in OSH :)
15:37:07 <portdirect> stage one of this has been cleaning up some htk functions: https://review.openstack.org/#/q/topic:hostname_short_endpoint_lookup+(status:open+OR+status:merged)
15:38:01 <portdirect> and over the next two weeks i hope to finish the work started here: https://review.openstack.org/#/c/597611/
15:38:29 <portdirect> the plans not changed here:
15:38:47 <portdirect> we will support both 'bring your own certs' and 'bring your own ca'
15:39:10 <portdirect> in the latter case using sprig to create the required certs dynamicly
15:39:31 <portdirect> thats kinda all i got there - just wanted to raise it
15:39:54 <portdirect> and obviously i'll also get a set of gates in that exercise this
15:40:16 <portdirect> starting with rest services - then we can move onto mysql and rabbit
15:41:20 <srwilkers> and then all the LMA goodness -- that'll be fun
15:41:43 <mattmceuen> Woot portdirect - looking forward to this
15:41:47 <portdirect> yeah - so that makes me think of somthing that will make many people shudder
15:41:52 <mattmceuen> don't go losing interest in OSH after this is implemented :D
15:42:06 <portdirect> initially I'm gonna use eventlet to terminate connections internally
15:42:28 <portdirect> and once we have done what move to nginx to terminate as a sidecar
15:43:41 <evrardjp> wait what
15:43:51 <evrardjp> could you clarify this?
15:43:57 <portdirect> :)
15:44:37 <portdirect> yeah - in the 1st pass this will make use of eventlet/pecan etc for many services
15:44:59 <portdirect> and then quickly follow on to move to a more sane approach
15:45:07 <evrardjp> so you mean for putting some termination on the host for the API services
15:45:14 <evrardjp> mmm ok
15:45:16 <portdirect> in the pod
15:45:20 <evrardjp> yeah
15:45:28 <portdirect> thought that would perk your ears up evrardjp ;)
15:45:41 <portdirect> dont worry - its not the intended end state, just a stepping stone
15:45:51 <evrardjp> haha
15:46:10 <evrardjp> I know the "forever temporary" state
15:46:14 <evrardjp> I am just cautious
15:46:32 <portdirect> lol - trust me I wont let this be a long term thing
15:46:50 * evrardjp is marking those words :)
15:47:05 <portdirect> though being cadid - it may end up with things listening on localhost, and doing it 'crudely'
15:47:24 <portdirect> rather than a more socket etc
15:47:36 <portdirect> *more elegant
15:48:08 <portdirect> ok to move on?
15:48:38 <portdirect> #topic reviews needed please
15:49:28 <evrardjp> ok to move on
15:49:28 <portdirect> mattmceuen and dwalt could do with some help here:
15:49:32 <portdirect> Reviews:
15:49:32 <portdirect> https://review.openstack.org/632481
15:49:32 <portdirect> https://review.openstack.org/631349
15:49:47 <dwalt> much appreciated!
15:50:04 <evrardjp> About that topic, I am very sorry for the state I left OSH for the last two weeks, didn't review, didn't commit. That will be solved when fires are extinguished.
15:50:05 <portdirect> the 1st brings support to running minikube based tests behind the proxy - and looks great to me (not that im biased or anything)
15:50:22 <srwilkers> minikube work looks good to me
15:50:35 <portdirect> evrardjp: all good man - in the world of openstack the next fire is only a moment away :)
15:50:50 <evrardjp> haha
15:50:59 <evrardjp> mmm aptly, it's been a while!
15:51:08 <portdirect> and the 2nd adds an image for building a local deb repo - which is required for managing airgapped hosts
15:51:43 <portdirect> i expect airship will be the primary user of the mini-mirror - but they've written it to be a great general purpose tool
15:52:17 <portdirect> personally i think people should use ostree more, but whatever ;)
15:52:36 <portdirect> thats all i got this week really, lets open the floor
15:52:41 <portdirect> #topic parking lot
15:52:54 <portdirect> anything else people want to discuss?
15:53:20 <evrardjp> portdirect: general purpose with apt only :p
15:53:45 <srwilkers> not much -- there's a change i've got opened to move the multinode osh-infra job to periodic, but that's the only thing i could use some opinions on: https://review.openstack.org/#/c/632735/
15:54:05 <portdirect> evrardjp: the door is open for rpm :)
15:54:06 <srwilkers> this moves us to a similar spot as openstack-helm, where we run the multinode jobs as periodics/experimentals
15:55:47 <portdirect> ok folks - lets get 5 mins back :)
15:55:51 <portdirect> #endmeeting